package org.eraser.security.authentication;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import java.io.IOException;

/**
 * 身份验证过滤器
 * 一般常用的是 UsernamePasswordAuthenticationFilter 但也可以自定义
 * <p>
 * UsernamePasswordAuthenticationFilter >>> AbstractAuthenticationProcessingFilter >>> requiresAuthentication(request, response) 这里进行了 /login 接口的拦截。利用 AntPathRequestMatcher 对象进行请求路径的比较
 * <p>
 * 我们这里是图形验证码进行"人机校验"的过滤器
 */
@Component
public class ManMachineVerificationFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        filterChain.doFilter(request, response);
    }
}
